Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Nov 2005 10:09:22 -0200
From:      "Pedro Paulo de Magalhaes Oliveira Junior" <>
To:        <>
Subject:   RE: String Match (Cesar)
Message-ID:  <000001c5e5ef$97247320$2d00a8c0@MICROPPJ>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

IMHO this is the main disadvantage of FreeBSD and IPFW.

Sure Linux has a better support on string match for IPS.


Message: 1
Date: Wed, 9 Nov 2005 11:52:35 -0300
From: "Cesar" <>
Subject: String Match
To: <>
Message-ID: <002b01c5e53d$38c99d30$f2faa8c0@ironman>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";

An interesting thing in iptables is that option to match strings, like this 

iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j 
REJECT --reject-with tcp-reset
iptables -A FORWARD -p TCP -m string --string "GET /announce" -j 
REJECT --reject-with tcp-reset

Did anyone wrote a similar patch to ipfw? or ... Is this something desirable

to ipfw which the developers will put in the future?



No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/163 - Release Date: 8/11/2005

Want to link to this message? Use this URL: <$97247320$2d00a8c0>